MSFT-0035 - 54 - PATENT 



CLAIMS 



1 . An enforcement architecture for digital rimts management, wherein 
the architecture enforces rights in protected digital content, ihs architecture comprising: 

a content server for distributing the digital content; 
a license server for issuing at leas^one digital license corresponding 
10 to and separate from the digital content; and 

a computing device for receh/ing the distributed digital content and 
for receiving and storing any digital license corresponding to the digital content, the 
computing device having: 

a rendering application for rendering the digital content; and 
1 5 a Digital Rights Management (DRM) system for being 

invoked by the rendering application uplon such rendering application attempting to render 
the digital content, the DRM system /or determining whether a right to render the digital 
content in the manner sought exists based on any digital license stored in the computing 
device and corresponding to theydigital content. 

2. The architecture of claim 1 , wherein the content server is 
communicatively couple^Ao a network and distributes the digital content over the network. 



3. /The architecture of claim 2, wherein the content server is 
25 communicatively cgdpled to the Internet and distributes the digital content over the 
Internet. 



/4. The architecture of claim 1 , wherein the license server is 
communicatively coupled to a network and issues the at least one digital license over the 
30 network. 
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5. The architecture of claim 4, wherein the license ser/er is 
communicatively coupled to the Internet and issues the at least one digital license over the 
Intemet. 

6. The architecture of claim 1 , wherein the content server is 
communicatively coupled to a portable medium writer and distributes the digital content 
on a portable medium written by the portable medium writer, the portable medium selected 
from the group consisting of an optical storage medium and aymagnetic storage medium. 

7. The architecture of claim 1 , whereii/ the content server distributes 
the digital content in an encrypted form. 

8. The architecture of claim 7, \^erein each digital license 
corresponding to the digital content includes: 

a decryption key that deci^pts the encrypted digital content; and 
a description of the rights conferred by the license, wherein the 

encrypted digital content cannot be decrypte^and rendered without obtaining such license 

from the license server. 



9. The architecture df claim 8, wherein each digital Ucense 
corresponding to the digital content further includes a digital signature that binds the 
license to the encrypted digital cont^t. 

(A 

10. The architecture of claim 1, wherein if the DRM system determines 
that the right to render the digits content in the manner sought does not exist based on any 
digital license stored in the computing device and corresponding to the digital content, 
such DRM system directs a computing device user to the license server to obtain a digital 
license to render such digital content in the manner sought. 
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that the right to render the digital content in the manner sought does not exist based on any 
digital license stored in the computing device and corresponding to the digital content, 
such DRM system transparently obtains a digital license from the license server without 
any action necessary on the part of a computing device user. / 

12. The architecture of claim 1, wherein the DRM system includes a 
license store for storing digital licenses. / 

1 3 . The architecture of claim 1 , wher^n each digital license 
corresponding to the digital content is boimd to such digital content. 

1 4. The architecture of claim 1 3, wherein each digital license 
corresponding to the digital content is bound to/such digital content by way of a public / 
private key technique. / 

15. The architecture oi claim 1, wherein the license server issues a 
digital license to a DRM system only if the license server trusts such DRM system to abide 
by the license. / 



16. The architecture of claim 15, wherein the content server distributes 
the digital content in an encrypted form, and wherein the DRM system includes a trusted 
black box for performing decryption and encryption functions for such DRM system. 



unique public / private Key pair for performing the decryption and encryption functions. 




17. 



architecture of claim 16, wherein the black box includes a 



18. 

digital license in n 
including the bladl 



/ The architecture of claim 17, wherein the license server issues each 
sponse to a license request from the DRM system, the license request 
box public key, the license server encrypting at least a portion of the 
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digital license according to the black box public key prior to issuance of such license, 
thereby binding such license to such black box. 

19. The architecture of claim 18, wherein the content server distributes 
5 the digital content in an encrypted form, wherein each digital license corresponding to the 
digital content includes a decryption key that decrypts the encr^ted digital content, and 
wherein the license server encrypts the decryption key in the |icense according to the black 
box public key. 

10 20. The architecture of claim 19, wherein each digital license 

corresponding to the digital content further includes a/description of the rights conferred 
by the license, wherein the encrypted digital content cannot be decrypted and rendered 
without obtaining such license from the license server, and wherein the license server 
encrypts the rights description in the license ac9ording to the decryption key. 

15 

2 1 . The architecture of cl4im 16, wherein the black box includes a 
version number. / (^^^ 

22. The architecture! of claim 21 wherein the license server issues each 
20 digital license in response to a license request from the DRM system, the license request 

including the version number of the black box, the license server determining prior to 
issuance of the license whether the version number of the black box is acceptable, the 
license server upon determining that the version number of the black box is not acceptable 
refiising to issue the license uiltil the black box is updated, the architecture further 
25 comprising a black box server for providing an updated black box to the DRM system. 



23. The architecture of claim 16, wherein the black box includes a 
certifying authority signature as provided by an approved certifying authority. 



30 24. /The architecture of claim 23 wherein the license server issues each 



20 
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digital license in response to a license request from the DRM system, the license request 
including the certifying authority signature, the license server determining^^or to 
issuance of the license whether the certifying authority signature is valid 



7 



5 25. The architecture of claim 15, wherein each digital license 

corresponding to the digital content includes a description of the riaits conferred by the 
license, and wherein the DRM system includes a trusted license eivaluator for evaluating 
the rights description and allowing rendering of the digital content by the rendering 
application only if such rendering is in accordance with the fights description of the 
10 license. 

26. The architecture of claim 1 further comprising an issued license 
database for maintaining information on digital licenses issued by the license server, 
wherein if the computing device loses a received li/ense, a re-issue thereof may be 

15 provided based on the information in the issued Ifcense database. 

27. The architecture of claim 1 further comprising an authoring tool for 
authoring the digital content distributed by the content server in a form amenable to the 



architecture. / 

28. The architecture/of claim 27 wherein the authoring tool encrypts the 
digital content according to a decryption key and stores information on the digital content 
and the encryption key in a contentTKey database. 



25 29. The architecture of claim 28 wherein the license server accesses the 

tdnti 



information on the digital content and the encryption key in the content-key database prior 

respo] 
ued. 



to issuance of a license corresponding to the digital content, and includes the decryption 
key with such license as iss 



30 30. A method for implementing digital rights management, wherein the 
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method enforces rights in protected digital content, the method comprising: 

distributing the digital content from a content server to a computing 

device of a user; 

receiving the distributed digital content at the cc^mputing device; 
5 attempting to render the digital content by of a rendering 

application; 

invoking, by the rendering application, a/t)igital Rights 
Management (DRM) system upon such rendering applicatioiyattempting to render the 
digital content; 

1 0 determining, by the DRM system,y^hether a right to render the 

digital content in the manner sought exists based on anv digital license stored in the 
computing device and corresponding to the digital c(^tent; and 

if the right does not exist: 

requesting from a license server a digital license that 
15 provides such right and that corresponds to andas separate from the digital content; 

issuing, by the jicense server, the digital license to the DRM 

system; 

receiving, b^ the computing device, the issued digital license 
corresponding to the digital content from the license server; and 
20 storing pe received digital license on the computing device. 

0- 

3 1 . The method/of claim 30, wherein the distributing step comprises 
distributing the digital content oyer a network. 



25 32. The method of claim 3 1 , wherein the distributing step comprises 

distributing the digital contpt over the Internet. 

33. Tl^ method of claim 30, wherein the issuing step comprises issuing 
the digital license over network. 

30 
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34. The method of claim 33, wherein the issuing step comprises issuing 
the digital license over the Intemet. / 

35. The method of claim 30, wherein the distributing step comprises 
distributing the digital content on a portable medium selected from thcygroup consisting of 
an optical storage medium and a magnetic storage medium. / 

36. The method of claim 30, wherein the distributing step comprises 
distributing the digital content in an encrypted form. / 

37. The method of claim 36, further comprising including with each 
digital license corresponding to the digital content: / 

a decryption key that decrypts the/encrypted digital content; and • 
a description of the rights conferred by the Ucense, wherein the 

encrypted digital content cannot be decrypted and remiered without obtaining such license 

from the license server. / ^ 



38. The method of claim 37, wherein the including step further 
comprises including with each digital Ucense corresponding to the digital content a digital 
signature that binds the Ucense to the encrypted digital content. 

39. The method of claim 30, wherein the requesting a digital Ucense 
step comprises directing, by the DRM system, a computing device user to the license 
server to obtain a digital license to render such digital content in the manner sought. 

40. The method of claim 30, wherein the requesting a digital Ucense 
step comprises transparently obtaining, by the DRM system, a digital license from the 
license server without any action necessary on the part of a computing device user. 




41. 



The mi 



Lod of claim 30, wherein the storing step comprises storing. 
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by the DRM system, the received digital Hcense in a license store of the DRM^system. 



42. The method of claim 30, further comprising binding, by the license 
server, the digital license to the corresponding digital content. / 

43. The method of claim 42, comprising binding, by the license server, 
the digital license to the corresponding digital content by way of a public / private key 
technique. / 

44. The method of claim 30, wherein me issuing step comprises issuing, 
by the license server, the digital license to the DRM system only if the Ucense server trusts 
such DRM system to abide by the license. / 



distributing, by the content server, the digital content in an encrypted form, and further 
comprising employing a trusted black box in me DRM system to perform decryption and 
encryption functions for such DRM system/ 



private key pair, and wherein the requesting a digital license step comprises including in 
the request the black box pubUc key /and further comprising encrypting, by the license 
server, at least a portion of the digital license according to the black box public key prior to 
issuance of such license, thereby binding such license to such black box. 



45. The method of claim 44, wnerein the distributing step comprises 




46. The method of cmim 45, wherein the black box includes a public / 
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47. The method of claim 46, wherein the distributing step^comprises 
distributing the digital content in an encrypted form, and further comprising: 

including with each digital license corresponding/to the digital 
content a decryption key that decrypts the encrypted digital content; and 

encrypting, by the license server, the decryp^n key in the license 
according to the black box public key. 



15 



48. The method of claim 47, further compfising: 
including with each digital license corresponding to the digital 

10 content a description of the rights conferred by the license, wherein the encrypted digital 
content cannot be decrypted and rendered without obt/ining such license from the license 
server; and 

encrypting, by the license s^^rver, the rights description in the UcenSe 
according to the decryption key. 

/ ^ 

49. The method of claim 45, wherein the black box includes a version 
number, and wherein the requesting a digital Ucense step comprises including in the 
request the version number of the blackyoox, and further comprising: 

determining, by the license server, prior to issuance of the license 
20 whether the version number of the bmck box is acceptable; and 

upon detenmning that the version niunber of the black box is not 
acceptable, the license server reMsing to issue the license until the black box is updated, 
the architecture further compripng a black box server for providing an updated black box 
to the DRM system. 

25 

50. The/method of claim 45, wherein the black box includes a certifying 
authority signature as pro/vided by an approved certifying authority, and wherein the 
requesting a digital license step comprises including the certifying authority signature, the 
license server deterniining prior to issuance of the license whether the certifying authority 

30 signature is vaUd. 
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5 1 . The method of claim 44, wherein the issumg the digital license step 
comprises mcluding with the digital license a description of tl)e rights conferred by the 
license, and further comprising: 

evaluating, by a trusted license eval)iator of the DRM system, the 

rights description; and 

allowing rendering of the digital/content by the rendering 
application only if such rendering is in accordance wjlh the rights description of the 
license. 



15 



52. The method of claim 30 mrther comprising maintaining information 
on digital licenses issued by the license server in an issued license database, wherein if thfe 
computing device loses a received license, a ^-issue thereof may be provided based on the 
information in the issued license database. 



20 



25 



30 



53. The method of claim 30 further comprising authoring, by an 
authoring tool, the digital content distril/uted by the content server in a form amenable to 
the architecture. 

54. The method of claim 53 wherein the authoring step comprises: 
encrypting tne digital content according to a decryption key; and 
storing information on the digital content and the encryption key in 

a content-key database. 

55. The m^od of claim 54 wherein the issuing the digital license step 

comprises: 

accessing, by the license server, the information on the digital 
content and the encryption^ key in the content-key database prior to issuance of a license 
corresponding to the digital content; and 
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including the decryption key with such license as issued. 



56. An enforcement architecture for digital rights mariagement, wherein 
the architecture enforces rights in protected digital content, the architecture comprising: 
5 a content server communicatively coupled to / network for 

distributing the digital content over the network; 

a license server for issuing at least one distal license corresponding 
to and separate from the digital content, the license server being communicatively coupled 
to the network for issuing the at least one digital license ove/the network; and 
10 a computing device commxmicatively coupled to the network for 

receiving the distributed digital content and for receivin^/any digital license corresponding 
to the digital content, the computing device also having 

a memory for storing ajiy digital license corresponding to the 

digital content; 

15 a rendering applica^on for attempting to render the digital 

content; and 

a Digital Rights K/Ianagement (DRM) system for being 
invoked by the rendering application upon such rendering application attempting to render 
the digital content, the DRM system for determining whether a right to render the digital 
20 content in the manner sought exists basecyon any digital license stored in the computing 
device and corresponding to the digital ^(ontent. (j^^ 



57. The architectuie of claim 56, wherein the content server is 
communicatively coupled to the Intjsmet and distributes the digital content over the 

25 Internet. 

58. The architecture of claim 56, wherein the license server is 
communicatively coupled to t^e Internet and issues the at least one digital license over the 
Internet. 



30 



^.5 



i y 



10 
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59. The architecture of claim 56, wherein the content server is also 
communicatively coupled to a portable medium writer and distributes the Agital content 
on a portable medium written by the portable medium writer, the portable medium selected 
from the group consisting of an optical storage medium and a magnetic storage medium, 
and wherein the computing device includes a portable medium reade/ corresponding to the 
portable medium writer for receiving and reading the portable me 



60. The architecture of claim 56, wherein th9^content server distributes 
the digital content in an encrypted form. 



6 1 . The architecture of claim 60^ where jn each digital license 
corresponding to the digital content includes: 

a decryption key that decrypts thef encrypted digital content; and 
a description of the rights conferred by the license, wherein the 
1 5 encrypted digital content cannot be decrypted and rendered without obtaining such license 
from the license server. 

62. The architecture of claini/61 , wherein each digital license 
corresponding to the digital content further includes a digital signature that binds the 

20 license to the encrypted digital content. , 

63. The architecture oi claim 56, wherein if the DRM system 
determines that the right to render the digital content in the manner sought does not exist 
based on any digital license stored in tne computing device and corresponding to the 

25 digital content, such DRM system di/ects a computing device user to the license server to 
obtain a digital license to render such digital content in the manner sought. 

64. The architecture of claim 56, wherein if the DRM system 
determines that the right to render the digital content in the manner sought does not exist 

30 based on any digital license stbred in the computing device and corresponding to the 



» 
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digital content, such DRM system transparently obtains a digital license from the license 
server without any action necessary on the part of a computing device/user. 

65. The architecture of claim 56, wherein the DJIM system includes a 
5 license store for storing digital licenses. 



66. The architecture of claim 56, wherein each digital license 
corresponding to the digital content is bound to such digital content. 



Q 

. Ft 



10 67. The architecture of claim 66, wherein each digital license 

corresponding to the digital content is bound to such^digital content by way of a public / 
private key technique. 

68. The architecture of claimy56, wherein the license server issues a 
15 digital license to a DRM system only if the lic^ense server trusts such DRM system to abide 
by the license. 



20 




69. The architecture offclaim 68, wherein the content server distributes 
the digital content in an encrypted forai/and wherein the DRM system includes a trusted 
black box for performing decryption md encryption functions for such DRM system. 



70. The architectfire of claim 69, wherein the black box includes a 
unique public / private key pair for performing the decryption and encryption functions. 



25 



30 



71. The architecture of claim 70, wherein the license server issues each 
digital license in response to aAicense request from the DRM system, the license request 
including the black box public key, the license server encrypting at least a portion of the 
digital license according to me black box public key prior to issuance of such license, 
thereby binding such license to such black box. 
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72. The architecture of claim 71 , wherein the content server distributes 
the digital content in an encrypted form, wherein each digital license corresponding to the 
digital content includes a decryption key that decrypts the encryptedyiligital content, and 
wherein the license server encrypts the decryption key in the license according to the black 
box public key. 



10 



73. The architecture of claim 72, wherein e^h digital license 
corresponding to the digital content further includes a descr^tion of the rights conferred 
by the license, wherein the encrypted digital content caimot be decrypted and rendered 
without obtaining such license from the license server, and wherein the license server 
encrypts the rights description in the license accordingyto the decryption key. 



15 



20 



74. The architecture of claim 69,/vherein the black box includes a 




version number. 



75. The architecture of clain/74 wherein the license server issues each 
digital license in response to a license request from the DRM system, tiie license request 
including the version number of the black box, the license server determining prior to 
issuance of the Ucense whether the version number of the black box is acceptable, the 
license server upon determining that the version number of the black box is not acceptable 
refusing to issue the license until the black box is updated, the architecture further 
comprising a black box server for providing an updated black box to the DRM system. 



76. The architectu/e of claim 69, wherein the black box includes a 
25 certifying authority signature as pro/^ided by an approved certifying authority. 



30 



77. The architebture of claim 76 wherein the license server issues each 
digital license in response to a license request from the DRM system, the license request 
including the certifying authoriA^ signature, the license server determining prior to 
issuance of the license whethef the certifying authority signature is valid. 
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78. The architecture of claim 68, wherein each digital license 
corresponding to the digital content includes a description of the rights conferred by the 
license, and wherein the DRM system includes a trusted license ev/luator for evaluating 

5 the rights description and allowing rendering of the digital conterit by the rendering 
application only if such rendering is in accordance with the rieMts description of the 
license. 

79. The architecture of claim 56 further comprising an issued license 
1 0 database for maintaining information on digital licenses issued by the license server, 

wherein if the computing device loses a received license, a re-issue thereof may be 
provided based on the information in the issued licwise database. 

80. The architecture of claim/56 further comprising an authoring tool 
1 5 for authoring the digital content distributed by/the content server in a form amenable to the 

architecture. 




8 1 . The architecture oftclaim 80 wherein the authoring tool encrypts the 
digital content according to a decryption/^key and stores information on the digital content 

20 and the encryption key in a content-ke/ database. 

82. The architecture of claim 81 wherein the license server accesses the 
information on the digital contentyand the encryption key in the content-key database prior 
to issuance of a license corresponding to the digital content, and includes the decryption 

25 key with such license as issue 

83. An eriforcement architecture for digital rights management, wherein 
the architecture enforces rights in protected digital content, the architecture comprising: 

^authoring tool for authoring the digital content in a forai 
30 amenable to the architecture; 
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a content server for receiving the digital content from the authoring 
tool and distributing the digital content; and / 

a license server for issuing at least one digital license corresponding 
to and separate from the digital content, wherein a computing device receives the 
5 distributed digital content and receives and stores any digital license corresponding to the 
digital content, the computing device having a rendering mplication for rendering the 
digital content; and a Digital Rights Management (DRM) system for being invoked by the 
rendering application upon such rendering application/attempting to render the digital 
content, the DRM system for deteraiining whether a/right to render the digital content in 
10 the manner sought exists based on any digital lice^e stored in the computing device and 
corresponding to the digital content. 

i;a 84. The architecture of claifn 83, wherein the content server is 

conmiunicatively coupled to a network and mstributes the digital content over the network. 



15 



85. The architecture of claim 84, wherein the content server is 
communicatively coupled to the Intem/t and distributes the digital content over the 
Intemet. 




20 86. The arcWtecture of claim 83, wherein the license server is 

commxmicatively coupled to a network and issues the at least one digital license over the 
network. 

87. The architecture of claim 86, wherein the license server is 
25 conununicatively coupled tp the Intemet and issues the at least one digital license over the 
Intemet. 



88. The architecture of claim 83, wherein the content server is 
communicatively coupled to a portable medium writer and distributes the digital content 
30 on a portable medium written by the portable medium writer, the portable medium selected 
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from the group consisting of an optical storage medium and a magnetic storage medium. 



89. The architecture of claim 1 , wherein the conten/ server distributes 
the digital content in an encrypted fomi. 



10 



90. The architecture of claim 89, wherein eajzfk digital license 

corresponding to the digital content includes: 

a decryption key that decrypts the er^rypted digital content; and 
a description of the rights conferred by the license, wherein the 

encrypted digital content caimot be decrypted and rend/red without obtaining such license 

from the license server. 



m 
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91 . The architecture of claim 90, wherein each digital license 
corresponding to the digital content further inclydes a digital signature that binds the 
license to the encrypted digital content. 




92. The architecture of paim 83, wherein a computing device user is 
directed to the license server by the DRM system to obtain a digital license to render the 
digital content in the manner sought if/he DRM system determines that the right to render 
such digital content in the manner sought does not exist based on any digital license stored 
in the computing device and corresponding to the digital content. 



93. The architecture of claim 83, wherein the DRM system 
transparently obtains a digital license from the license server without any action necessary 
25 on the part of a computingvflevice user if the DRM system determines that the right to 
render the digital content/in the manner sought does not exist based on any digital license 
stored in the computing device and corresponding to the digital content. 



94. / The architecture of claim 83, wherein each digital license 
30 corresponding to the digital content is bound to such digital content. 
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95. The architecture of claim 94, wherein each digital license 
corresponding to the digital content is bound to such digital content by ^jky of a public / 
private key technique. 

5 

96. The architecture of claim 83, wherein the lioense server issues a 
digital license to a DRM system only if the license server trusts ^ch DRM system to abide 
by the license. 

10 97. The architecture of claim 96, wherdn the content server distributes 

the digital content in an encrypted form, wherein the DRM system includes a trusted black 
box for performing decryption and encryption functions for such DRM system, wherein 
the black box includes a unique public / private key^air for performing the decryption and 
encryption functions, and wherein the license server issues each digital license in response 

15 to a license request from the DRM system, the ^cense request including the black box 
public key, the license server encrypting at least a portion of the digital license according 
to the black box public key prior to issuanc9'of such license, thereby binding such license 
to such black box, 

20 98. The architecture^of claim 97, wherein the content server distributes 

the digital content in an encrypted f^rm, wherein each digital license corresponding to the 
digital content includes a decryption key that decrypts the encrypted digital content, and 
wherein the license server encrypts the decryption key in the license according to the black 
box public key. 

25 

99. The architecture of claim 98, wherein each digital license 
corresponding to the digital content further includes a description of the rights conferred 
by the license, wherein t^e encrypted digital content caimot be decrypted and rendered 
without obtaining such license from the license server, and wherein the license server 
30 encrypts the rights description in the license according to the decryption key. 
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100. The arGhitecture of claim 97, wherein the black box includes a 
version number, and wherein the license server issues each digital license in response to a 
license request from the DRM system, the license request including trie version number of 
the black box, the license server determining prior to issuance of tWe license whether the 
version number of the black box is acceptable, the license servecHipon determining that the 
version number of the black box is not acceptable refusing to issue the license until the 
black box is updated, the architecture further comprising a ^ack box server for providing 
an updated black box to the DRM system. 

101 . The architecture of claim 97^ x^erein the black box includes a 
certifying authority signature as provided by an apo/oved certifying authority, and wherein 
the license server issues each digital license in re^onse to a license request from the DRM 
system, the license request including the certifying authority signature, the license server 
determining prior to issuance of the Ucense wj^ther the certifying authority signature is 
valid. 



20 



25 



1 02. The architecture or claim 96, wherein each digital license 
corresponding to the digital content incmdes a description of the rights conferred by the 
license, and wherein the DRM systenyincludes a trusted license evaluator for evaluating 
the rights description and allowing rendering of the digital content by the rendering 
application only if such rendering ^ in accordance with the rights description of the 
Ucense. 




103. The architecture of claim 83 further comprising an issued license 
database for maintaining information on digital licenses issued by the license server, 
wherein if the computing device loses a received license, a re-issue thereof may be 
provided based on the information in the issued license database. 



30 



104. The architecture of claim 83 wherein the authoring tool encrypts the 
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Tiation on the digital content 

105. The architecture of claim 104^herein tl^ikmsTserver accesses 
the information on the digital content and the eiwryption key in the content-key database 
prior to issuance of a license corresponding tp4he digital content, and includes the 
decryption key with such Ucense as issued/ 
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digital content according to a decryption key and stores infoi 
and the encryption key in a content-key database. / 



